Verify the computer is joined to Active Directory
To verify a computer is joined to the Active Directory domain and is retrieving information from Active Directory by running commands on the UNIX computer:
- Log on to the UNIX computer.
-
Type the following command to retrieve information about the computer’s connection to Active Directory:
adinfo
This command returns basic information such as the host name for the computer, whether the computer is joined to the domain, and whether the computer is currently connected to Active Directory. For example:
Local host name: magnolia
Joined to domain: ajax.org
Joined as: magnolia.ajax.org
Current DC: ginger.ajax.org
Preferred site: Default-First-Site-Name
Zone: ajax.org/Centrify/Zones/default
Last password set: 2017-12-21 11:37:22 PST
CentrifyDC mode: connectedFor more detailed information about the environment, you can use --diag or other options with the command. For information about the options available and the information displayed for each option, see the adinfo man page.
-
Type the following command to verify that the adclient process is running:
ps -aef|grep adclient
The command should return output similar to the following:
root 1585 1 0 14:50 ? 00:00:29 adclient
-
Type the following command to confirm that lookup requests use the information in Active Directory:
getent passwd
The command should list all of the Active Directory user accounts that are members of the zone and all local user accounts in the
/etc/passwd file format. For example:ben:x:601:100:Ben Waters:/home/ben:/bin/bash
ashish:x:501:100:Ashish Menendez:/home/ashish:/bin/bash
sunni:x:900:100:Sunni Ashton:/home/sunni:/bin/bash
jolie:x:502:100:Jolie Ames:/home/jolie:/bin/bash
pierre:x:1001:100:Pierre Leroy:/home/pierre:/bin/bash - Review the contents of the /var/log/messages file and look for messages that indicate authentication problems or failures.